Featured Slideshow

British hacker Stephen Tomkinson has found two Blu-Ray-borne attacks.His first exploit relies on a poor Java implementation in a product called PowerDVD from CyberLink. PowerDVD plays DVDs on PCs and... read more

Twitter has tripled the size of its abuse support team after the number of reports it handled increased five-fold in six months thanks to an expansion of harassment controls.The company did not... read more

When we reviewed the Samsung Galaxy S5 last year, the handset made a surprisingly good impression, thanks to its blazing performance, outstanding battery life, and a stunning Super AMOLED screen. We... read more

Today at MWC 2015, we played with the ZTE Grand S3. ZTE's new flagship device lets users unlock their phones by looking at the front-facing camera. The cutting edge solution, called Eyeprint ID,... read more

After our recent discovery that our Samsung TV was sending voice recognition data over the internet unencrypted, they sent the following response:“Samsung takes consumer privacy very seriously and... read more

You are here

Twitter, Facebook affected by SMS spoofing flaw

Users who send and receive Twitter messages via text message from their mobile phone are vulnerable to a weakness that could allow anyone to post a tweet to their account, according to a developer and security researcher who discovered the flaw.

Jonathan Rudenberg said in a blog post on Monday that all the attacker needs to know is the target's cell phone number. Then they can spoof the originating address of the text message, or SMS,

"Like email, the originating address of [an] SMS cannot be trusted," Rudenberg wrote. "Many SMS gateways allow the originating address of a message to be set to an arbitrary identifier, including someone else's number."